As glibc will be scanned for CVEs, we don't need to scan glibc-locale,
glibc-mtrace, and glibc-scripts which are all separate recipes for technical
reasons.
Exclude the recipes by setting CVE_PRODUCT in the recipe, instead of using the
global whitelist.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE_CHECK_CREATE_MANIFEST ??= "1"
# Whitelist for packages (PN)
-CVE_CHECK_PN_WHITELIST = "\
- glibc-locale \
-"
+CVE_CHECK_PN_WHITELIST ?= ""
# Whitelist for CVE and version of package. If a CVE is found then the PV is
# compared with the version list, and if found the CVE is considered
inherit libc-package
BBCLASSEXTEND = "nativesdk"
+
+# Don't scan for CVEs as glibc will be scanned
+CVE_PRODUCT = ""
install -d -m 0755 ${D}${bindir}
install -m 0755 ${SRC}/mtrace ${D}${bindir}/
}
+
+# Don't scan for CVEs as glibc will be scanned
+CVE_PRODUCT = ""
# sotruss script requires sotruss-lib.so (given by libsotruss package),
# to produce trace of the library calls.
RDEPENDS_${PN} += "libsotruss"
+
+# Don't scan for CVEs as glibc will be scanned
+CVE_PRODUCT = ""
